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Amendment "G" dated January 16, 2008 

Reply to Office Action mailed November 16, 2007 

AMENDMENTS TO THE CLAIMS 

This listing of claims replaces all prior versions, and listings, of claims in the application: 
Listing of Claims: 

Claim 1. (Previously Presented) In a computer environment including a 
plurality of applications that operate on data related to an identity, the computer environment 
also including a service that maintains data associated with the identity, a method for one of the 
plurality of applications to operate on data related to the identity, the method comprising the 
following: 

identifying data associated with an identity, which is maintained by a service independent 
of an application seeking to operate on the data as a data object organized into a data structure 
according to a schema recognized by the service and the plurality of applications, such that the 
plurality of applications can interpret the data object by following rules in the schema, wherein 
control over access privileges associated with the data is retained by the identity such that the 
identity can grant or retract authorizations by altering access control rules in the data structure; 

formulating a request to operate on the data, wherein formulating the request includes: 

an act of constructing a network message in accordance with a message format that is 
recognized by the service, the network message representing a request to perform the operation 
on the data structure, wherein the network message includes an identification of the identity and 
an identification of the schema; and 

an act of dispatching the network message to the service. 

Claim 2. (Original) A method in accordance with Claim 1, wherein the act of 
dispatching the network message to the service comprises dispatching the network message 
directly to the service without first communicating with a locator service. 

Claim 3. (Original) A method in accordance with Claim 1, wherein the data 
structure comprises a content data structure that represents the actual data of interest. 

Claim 4. (Original) A method in accordance with Claim 1, wherein the data 
structure comprises an access control data structure. 
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Claim 5. (Original) A method in accordance with Claim 1, wherein the data 
structure comprises a systems data structure. 

Claim 6. (Previously Presented) A method in accordance with Claim 1, 
wherein the data that is to be operated on is not directly accessed by the plurality of applications, 
but is only directly accessed via the service. 

Claim 7. (Previously Presented) A method in accordance with Claim 1, 
further comprising: 

an act of the granting the application access to the data structure prior to the acts of 
identifying, constructing, and dispatching, wherein the decision on whether or not to grant the 
application accesses is based on permissions provided by the identity. 

Claim 8. (Previously Presented) A method in accordance with Claim 1, 
further comprising: 

an act of revoking access from the application to the data structure after the acts of 
identifying, constructing, and dispatching, wherein the decision on whether or not to revoke 
access is based on permissions provided by the identity. 

Claim 9. (Original) A method in accordance with Claim 1, further comprising 
the following: 

an act of determining an address of the service. 

Claim 10. (Original) A method in accordance with Claim 9, wherein the act of 
constructing a network message comprises the following: 

an act of including the address of the service in the network message. 
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Claim 1 1 . (Original) A method in accordance with Claim 9, wherein the network 
message is a first network message, wherein the act of determining an address of the service 
comprises the following: 

an act of constructing a second network message in accordance with the message format 
that is recognized by a locator service, the second network message representing a query for the 
address using the identification of the identity; 

an act of dispatching the second network message to the locator service; and 

an act of receiving a response from the locator service that includes the address. 

Claim 12. (Original) A method in accordance with Claim 11, wherein the act of 
receiving a response from the locator service comprises the following: 

an act of receiving a third network message from the locator service, the third network 
message being in accordance with the message format. 

Claim 13. (Original) A method in accordance with Claim 1, wherein the act of 
constructing a network message in accordance with a message format that is recognized by the 
service comprises the following: 

an act of constructing a network message in accordance with the Simple Object Access 
Protocol. 

Claim 14. (Original) A method in accordance with Claim 1, wherein the act of 
dispatching the network message to the service comprises the following: 

an act of dispatching the network request to a locator service that maintains a list of 
addresses for type-specific data services corresponding to the identity. 

Claim 15. (Original) A method in accordance with Claim 1, wherein the act of 
dispatching the network message to the service comprises the following: 

an act of dispatching the network request to a type-specific data service that maintains a 
list of addresses for type-specific data services corresponding to the identity. 
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Claim 16. (Original) A method in accordance with Claim 1, wherein the act of 
dispatching the network message to the service comprises the following: 

an act of dispatching the network message to the service using a transport protocol that is 
compatible with transport over the Internet. 

Claim 17. (Original) A method in accordance with Claim 1, wherein the act of 
dispatching the network message to the service comprises the following: 

an act of dispatching the network message to a different machine as compared to the 
machine that runs the application. 

Claim 18. (Original) A method in accordance with Claim 1, wherein the act of 
dispatching the network message to the service comprises the following: 

an act of dispatching the network message to a service that is run on the same machine as 
the application. 

Claim 19. (Original) A method in accordance with Claim 1, wherein the identity 
is an individual. 

Claim 20. (Original) A method in accordance with Claim 1, wherein the identity 
is a group of individuals. 

Claim 2 1 . (Original) A method in accordance with Claim 1 , wherein the identity 
is an organization. 

Claims 22-23. (Cancelled). 
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Claim 24. (Original) A computer program product for use in a computer 
environment including a plurality of applications that operate on data related to an identity, the 
computer environment also including a service that maintains data associated with the identity, 
the computer program product for implementing a method for one of the plurality of applications 
to operate on data related to the identity, the computer program product comprising one or more 
computer-readable media having stored thereon the following: 

computer-executable instructions for implementing the method recited in claim 1. 

Claim 25. (Original) A computer program product in accordance with Claim 24, 
wherein the one or more computer-readable media are physical storage media. 

Claim 26. (Original) A computer program product in accordance with Claim 24, 
wherein the one or more computer-readable media further have stored thereon the following: 

computer-executable instructions for constructing a second network message in 
accordance with the message format that is recognized by a locator service, the second network 
message representing a query for the address using the identification of the identity; 

computer-executable instructions for causing the second network message to be 
dispatched to the locator service; and 

computer-executable instructions for detecting the receipt of a response from the locator 
service that includes the address. 
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Claim 27. (Previously Presented) In a computer environment including a 
plurality of applications that operate on data related to an identity, the computer environment 
also including a service that maintains data associated with the identity, a method for the service 
facilitating access of the plurality of applications to data related to the identity, the method 
comprising the following: 

an act of receiving a network message from one of the plurality of applications, the 
network message structured in accordance with a message format that is recognized by the 
service, the network message representing a request to operate on data maintained by the service 
independent of the one of the plurality of applications as a data structure associated with the 
identity, wherein the data structure is organized into the data structure according to a schema 
recognized by the service and the plurality of applications, such that the plurality of applications 
can interpret the data object by following rules in the schema, wherein the data belongs to the 
associated identity and wherein the identity retains control over access privileges of the plurality 
of applications to the data by granting or retracting authorizations by altering access control rules 
in the data structure, the network message including an identification of the identity and an 
identification of the schema; 

an act of interpreting the network message in light of the message format to thereby 
extract an identification of the identity and an identification of the data structure; and 

an act of performing the requested operation on the data structure using the data format. 

Claim 28. (Previously Presented) A method in accordance with Claim 27, 
further comprising the following: 

prior to the act of performing the requested operation, an act of determining that the one 
of the plurality of applications is authorized to perform the requested operation on the data 
structure based on permissions provided by the identity. 



Page 9 of 18 



Application No. 10/003,750 

Amendment "G" dated January 16, 2008 

Reply to Office Action mailed November 16, 2007 

Claim 29. (Original) A method in accordance with Claim 28, wherein: 
the method further comprises an act of maintaining a list of access rights to the data 
structure; and 

the act of determining that the one of the plurality of applications is authorized to perform 
the requested operation on the data structure comprises an act of referring to the list of access 
rights. 

Claim 30. (Original) A method in accordance with Claim 29, wherein the act of 
maintaining a list of access rights to the data structure comprises an act of honoring requests 
issued by the identity to control access rights to the data structure. 

Claim 31. (Original) A method in accordance with Claim 27, wherein the data 
structure represents addresses corresponding to a plurality of type-specific data services that 
maintain type-specific data structures related to the identity. 

Claim 32. (Original) A method in accordance with Claim 31, wherein network 
message is a first network message, wherein the act of performing the requested operation on the 
data structure comprises the following: 

an act of reading at least one address from the data structure; 

an act of constructing a second network message that includes the at least one address 
read from the data structure; and 

an act of dispatching the second network message. 

Claim 33. (Original) A method in accordance with Claim 32, wherein the act of 
dispatching the second network message comprises an act of dispatching the second network 
message to the one of the plurality of application programs. 

Claim 34. (Original) A method in accordance with Claim 32, wherein the act of 
dispatching the second network message comprises an act of dispatching the second network 
message in accordance with the message format. 
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Claim 35. (Original) A method in accordance with Claim 27, wherein the data 
structure represents personal address information corresponding to the identity. 

Claim 36. (Original) A method in accordance with Claim 27, wherein the data 
structure represents contacts information corresponding to the identity. 

Claim 37. (Original) A method in accordance with Claim 27, wherein the data 
structure represents grocery list information corresponding to the identity. 

Claim 38. (Original) A method in accordance with Claim 27, wherein the data 
structure represents in-box information corresponding to the identity. 

Claim 39. (Original) A method in accordance with Claim 27, wherein the data 
structure represents music service information corresponding to the identity. 

Claim 40. (Original) A method in accordance with Claim 27, wherein the data 
structure represents calendar information corresponding to the identity. 

Claim 41. (Original) A method in accordance with Claim 27, wherein the data 
structure represents documents that the identity is entitled to access. 

Claim 42. (Original) A method in accordance with Claim 27, wherein the data 
structure represents application setting information corresponding to the identity. 

Claim 43. (Original) A method in accordance with Claim 27, wherein the data 
structure represents physical device information corresponding to the identity. 

Claim 44. (Original) A method in accordance with Claim 27, wherein the data 
structure represents favorite Web site information corresponding to the identity. 
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Claim 45. (Original) A method in accordance with Claim 27, wherein the 
network message is a first network message, wherein the act of performing the requested 
operation on the data structure comprises the following: 

an act of reading at least one address from the data structure; 

an act of constructing a second network message that includes the at least one address 
read from the data structure; and 

an act of dispatching the second network message. 

Claim 46. (Original) A method in accordance with Claim 45, wherein the act of 
dispatching the second network message comprises an act of dispatching the second network 
message to the one of the plurality of application programs. 

Claim 47. (Original) A method in accordance with Claim 45, wherein the act of 
dispatching the second network message comprises an act of dispatching the second network 
message in accordance with the message format. 
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Claim 48. (Original) A computer-program product for use in a computer 
environment including a plurality of applications that operate on data related to an identity, the 
computer environment also including a service that maintains data associated with the identity, 
the computer program product for implementing a method for the service facilitating access of 
the plurality of applications to data related to the identity, the computer program product 
comprising one or more computer-readable media having stored thereon the following: 

computer-executable instructions for implementing the method recited in claim 27. 

Claim 49. (Original) A computer program product in accordance with Claim 48, 
wherein the one or more computer-readable media are physical storage media. 

Claim 50. (Original) A computer program product in accordance with Claim 48, 
wherein the one or more computer-readable media further comprise the following: 

computer-executable instructions for determining that the one of the plurality of 
applications is authorized to perform the requested operation on the data structure prior to the 
performing the requested operation. 

Claim 51 . (Original) A computer program product in accordance with Claim 48, 
wherein the one or more computer-readable media further have stored thereon the following: 

computer-executable instructions for maintaining a list of access rights to the data 
structure; and 

computer-executable instructions for referring to the list of access rights in order to 
determine that the one of the plurality of application is authorized to perform the requested 
operation on the data structure. 
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Claim 52. (Previously Presented) A computer network that facilitates access to 
identity-centric data, the computer network comprising the following: 

a plurality of applications that operate on data related to an identity, wherein the data 
belongs to the associated identity and is organized into a data structure according to a schema 
recognized by the plurality of different applications, such that the plurality of applications can 
interpret the data object by following rules in the schema, and wherein the identity retains control 
over access privileges of the plurality of applications to the data by granting or retracting 
authorizations by altering access control rules in the data structure, wherein each of the plurality 
of applications configured to determine that data associated with the identity is to be operated on, 
identify a data structure that represents the data associated with the identity, construct a network 
message in accordance with a message structure recognized by the plurality of applications, 
wherein the network message includes an identification of the identity and an identification of 
the schema, the network message representing a request to perform the operation on the data 
structure, and configured to dispatch the network message to the service; and 

a plurality of services that maintain data associated with the identity, each of the plurality 
of applications configured to detect the receipt of the network message from one of the plurality 
of applications, interpret the network message in light of the message format to thereby extract 
an identification of the identity and an identification of the data structure, and perform the 
requested operation on the data structure using the data format. 

Claim 53. (Previously Presented) A method as recited in claim 27, further 
comprising: 

storing identity-centric data relating to multiple identities in a data store maintained by 
the service; 

receiving various requests from the applications for identity-centric data relating to at 
least some of the identities; and 

providing the requested data to the requesting applications in response to their requests. 
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Claim 54. (Previously Presented) A method as recited in claim 1, further 
comprising: 

requesting identity-centric data relating to the identity; and receiving the requested 
identity-centric data from the data service. 

Claim 55-59. (Cancelled). 
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